Wednesday, May 29, 2013

NuitDuHack2013 Crackme 100 (Huge.js)

NuitDuHack2013 Crackme 100 (Huge.js)

A gigantic javascript file is given to us (about 25mb text file)
huge.zip

Recommended Tools:
- Notepad++
- Firefox Browser

Opening the file in Notepad++, we can see that it contains a function called "x" and a very long bunch of hexadecimal characters
The hexadecimal characters are most likely encoded javascript code and the function "x" is the decoding function

In order to decode the javascript code, we can create a html file and use the x function to help us decode the hexadecimal characters.
Something like this


Load the above html file into your browser (I used Firefox) and it should show you the decoded javascript code like this


Wait a minute, this looks exactly like the encoded code at the beginning of the puzzle.
This is because the javascript code is encoded multiple times and we need to decode it multiple times in order to get the original code
Copy the hexadecimal characters from the browser output and paste it back into the "abc" variable in the html file.
Reload the html file in the browser to run the decoding a second time.
Repeat this for 6 times and you will get the final actual javascript code


The actual code consists of multiple functions that perform hashing on the password.
There is also a function "unlock" which basically checks for a certain password hash.
Analyzing this function, we know that the password is 5 characters long and it can only contains a certain list of valid characters
With that, we can write a brute force function to brute force the password out


Run the brute force script in a browser and after awhile, it will give you the flag
(Do note that the brute force will take awhile, the browser may prompt you that the script is unresponsive. If it does, do not stop the script, ignore the warning or wait for the script to complete)
(For this, I recommend Firefox, as Firefox has the option of "Don't ask me again" which will save you a lot of waiting and clicking frustration)


Cheers,
thegrayone

No comments:

Post a Comment